Thankfully Southwest Airlines provides Internet access for a fee. Leaving San Diego at noon today, I’m flying through Nashville to Ft. Lauderdale today, spending the night there and catching flights, first to Nassau, and then on to Great Abaco. The relief effort I’ll be involved in is detailed in the Information Technology Disaster Resource Center’s LinkedIn site, and is worth taking a look at to see photos and other information relating to the status of the disaster recovery efforts. I’ll be there for a week, heading back home on Saturday, October 26th. I’ll be detailing on this blog site my experiences over the week, but first wanted to explain how I became involved with the ITDRC and what it took to participate in this deployment. My purpose in doing this is to see if what I write provides an interest in participating.

I was introduced to ITDRC by Alysia Stark, a student who signed up for Coastline Community College’s cybersecurity apprenticeship program. Based on my review of the ITDRC website, I joined the organization in January 2018, with the thought of eventually completing their requirements associated with actual deployment. Those requirements identified below are classes that can be completed online:

• ITDRC-100 (available through the member portal)
• FEMA IS-100
• FEMA IS-700

Having recently completed those courses, I qualified for deployment. In order to bolster my chances of being deployed, I took the following two online classes that are required to qualify for the Critical Information Systems (CIS) Team:

• FEMA IS-200
• FEMA IS-800

Based on my learning experiences for the four (4) completed FEMA classes, my intention is to take an additional class the ITDRC leadership recommends. It is not online, so I’ve registered to take the IS-300 course in San Diego in late January.

While I’d like to think that my classwork detailed above along with my academic qualifications and industry-recognized certifications resulted in my being selected for deployment, I’m reasonably sure the recent article I authored for Certification Magazine helped in the decision process. Titled “ITDRC volunteers enhance their IT skills through disaster recovery assistance,” the article details key benefits that might accrue for professionals and students who volunteer for projects the ITDRC is involved in.

I first learned of the deployment on Tuesday, spending Wednesday and Thursday packing for the adventure. Thankfully, based upon Internet research, the ITDRC Slack Channel, and advise provided through email, I was able to prepare what to carry with me in terms of what I’ll be wearing and creature comforts. I’m sure I’ll be providing my own advice in subsequent postings to this blog. What I can tell you is I have absolutely no expectations that this next week will be anything that resembles a “vacation.” That’s enough information for today.

DAY 2 – October 19, 2019

I managed to get a good night’s sleep in Fort Lauderdale (FLL), which will likely be my last for a while. After a quick comfortable shower (again likely my last for a while), the day started with me flying from FLL to Nassau (NAS) and a quick 25-minute flight from there to Marsh Harbour (MHH).

Made it to MHH around 3:30p.m. local time. The photo below shows the generator provided by the ITDRC to run the airport terminal.

I spent the remainder of the day getting familiar with the living arrangements. We are housed in what was a Christian church and school that was heavily damaged as the result of the hurricane. The interior walls have the sheetrock removed, and the roof is covered with a tarp. In the morning I’ll survey the site and hopefully provide an update with pictures.

DAY 3 – October 20, 2019

Early morning start (5:30a.m.) as the movement around the camp started to increase. Thankfully, coffee is available.

Today’s focus was primarily dealing with the needs of law enforcement and military operations. The Royal Bahama Defence Force has two sites, one at the airport and one at the port. The airport effort involved putting in a new Internet access point and getting the second access point configured so it provides Internet access. We also went by the police headquarters, but it is Sunday and it was closed. The picture below shows two police boats that are no longer seaworthy. All in all a good, but exhausting day.

DAY 4 – October 21, 2019

Today’s focus was to first attend the Island briefing at the Abaco Governmental Center. Briefings are held on Monday, Wednesday, and Friday. The pictures below are from the general briefing and there was a follow-up briefing with the Abaco Superintendent of Education.

That meeting was follow-up with a trip to the local hospital. ITDRC placed two Internet access points in the hospital. Fortunately, it looks as though they are finally scheduled to get access to the Internet from their “pre-disaster” source and we will be pulling those units out today. The picture below shows the current power source serving the hospital.

The evening meals here are provided by World Central Kitchen. For lunch, the choice is generally “Meals Ready to Eat (MREs).”

DAY 5 – October 22, 2019

The wake up had me feeling a bit tired, with a sore back likely due to sleeping on a cot without an air mattress. Good news is Chris and Debbie leave today. It’s good news because when Chris exits his cot, I’m moving in to take advantage of the air mattress. Bad news is I’ll miss their support and ITDRC leadership. The day was spent, first with a drive to the South end of the Island and Sandy Point School. In a creative fashion we managed to extend the coverage of existing wireless beyond the single pre-school classroom to a number of other classrooms through the placement of additional access points (one in a middle classroom, where the existing access point wasn’t connected to the service the ITDRC was providing), and the Rube Goldberg mounting structure we put together with the basketball backboard and a scaffold (see pictures below).

While at “Sandy Point,” thought it a good idea to see what the beach looked like. Below are pictures of the beach, along with a very nice home that continues to be boarded up, some seven (7) weeks after the hurricane. They have had looting issues, so that maybe the issue, with the plywood remaining until the owner returns.

The next project involved that took much of the afternoon was installing a new antenna for radio use at the island’s power plant. Fortunately, I was simply an observer, not having to go airborne in the bucket truck’s bucket.

DAY 6 – October 23, 2019

This was actually a fun day. It started with the morning briefing at the Government Office. Our plan after the meeting was to see if we could get to Green Turtle Cay, to look to see if we could fix the Internet access at the school. While there we met a person from IDEA, a relatively new non-profit created after the hurricane that had the goal of transporting people and resources around the Bahamas. Fortunately, they were going to do a round trip to Green Turtle Cay that morning and agreed to allow us to ride with them. What a great ride, the pictures illustrate why we enjoyed the trip, that included a brief swim (a reasonable substitute for a much-needed bath), when we arrived next to the “Fat Shirley” their luxury boat. We managed to get the Internet up and running, enjoying the day’s experience while doing some good for the school.

DAY 7 – October 24, 2019

To suggest that today was challenging would be an understatement. The day started waiting in line to get another Internet modem. Unfortunately, the window at the service provider wasn’t open so we took a short time viewing the destruction around March Harbour. A few of the pictures, showing this destruction are shown below.

Our second stop after obtaining what we needed from the Internet provider was at the Government Office to install Internet access for the head of the Bahamas National Emergency Management Agency (NEMA). After completing that project we headed North to Cooperstown to complete the school project that we had surveyed earlier in the week. That was certainly an exhausting and lengthy effort, arriving back at camp too late to eat the hot meal. So we suffered through one more MRE that certainly wasn’t the best spaghetti I’ve had. Something is certainly better than nothing, which is what I suspect some of the residents of Abaco had this evening.

DAY 8 – October 25, 2019

Started this morning with an early arrival at the Government Center to see if we could get the Internet satellite system up and running. No success. It is probably a wiring issue and we are not equipped to deal with it. In walking around the Center I noticed on the front glass door of the Magistrate Court #1 the calendar for the time period from August 25-29. Rather telling, given the hurricane hit Abaco on September 1st.

After the scheduled morning briefing our plans had us heading South, eventually to Sandy Point to check on that installation and do a little clean-up that includes a more permanent mounting for the access point we installed earlier in the week. The morning briefing included the opportunity to meet and both give and receive “thank you messages” from both government officials and from the other non-governmental organizations (NGOs) we worked closely with over this past week and the 8 weeks after the hurricane. Then it was off to Cherokee Sound and Crossing Rocks, two schools that had wireless systems installed by earlier teams. Both sites reported challenges but that was likely the result with the ISP provider and would be followed up remotely. We lacked sufficient time to travel down Sandy Point, and instead returned to Marsh Harbour. providing an opportunity to both view the damage and take pictures that are shown in the “reflections” below, and enabled us to solve the Internet access problems the Abaco police were having at the Government Center. All in all, it was a lighter day and one that allowed us to decompress a bit relative to what we had been doing during the previous days. After returning to the camp, our home while here on Abaco, I took a few pictures that show our accommodations.

The sleeping area, along with my lovely “cot,” are shown in the pictures below.

As noted in a daily report above, we had access to Meals Ready to Eat (MREs) along with a hot dinner meal that was provided by World Central Kitchen. However, there were days when we arrived back to camp too late for dinner. I will give credit to WCK, as they were providing somewhere around 8,000 meals a day. The photo below shows my final dinner and is representative of a typical meal consisting of hamburger meat, rice, and some vegetables. Note also the small package of pringles.

DAY 9 – October 26, 2019

I’m beginning this post early because I suspect I won’t have time to do it effectively as I travel to the Marsh Harbour Airport for a 9:45a.m. departure. There will be a lengthy layover in Nassau (4 hours), but the good news is I will clear U.S. Customs in Nassau rather than waiting until I arrive in Ft. Lauderdale. That is good since my layover there is only a little over an hour before departing home to San Diego, via Denver.

Reflections

The flight home went as expected with some challenges in Nassau where our baggage was loaded and shortly before the plane was ready to back out of the gate we were informed that the baggage had to be unloaded and processed through the x-ray machine again. That delay resulted in a one-hour late arrival in Nassau. Fortunately, I had a planned four hour stop in Ft. Lauderdale, so it simply resulted in my spending less time at that airport. I thought about writing my reflections during the flight home, but truthfully I was simply too exhausted to complete the effort.

What I can tell you is the experience was well worth the effort. Given the opportunity to help people by providing access to the Internet resulted in so many people thanking us. Think about how you would feel being cut off from the world for two months with no idea what is going on. A comment by a hospital administrator provides insight. He said that making the Internet available to visiting healthcare providers resulted in their willingness to stay on Abaco for longer periods of time. During their off-hours it gave them something to do, enabling them to reach out to family and friends, and hear what was happening in their world.

My plans relative to this experience are to share what I went through with faculty and students in the California community college world. I will be championing the idea of joining the ITDRC, providing opportunities to volunteer. Given the challenges here in California with wildfires, there will likely be a need for ITDRC involvement, just like it did for the Camp Fire in Butte County. I’ve created a folder containing some of the pictures I took while at Abaco. I’ll add more pictures as I receive them from fellow ITDRC volunteers. You can access the folder by clicking HERE.

If interested in volunteering with the ITDRC, you can access the member application site. If you have other non-IT interests in terms of volunteering, I’d recommend Team Rubicon. They served as our host, with the primary function of helping residents “muck” out their homes and covering the roofs with tarps.

If you have any questions, don’t hesitate in reaching out to me at linthicum_steve@rsccd.edu.

That was one tough exam but given my repeated efforts at utilizing the principles associated with “intelligent guessing” I was able to obtain a sufficient score and obtain the (ISC)2 Certified Cloud Security Professional designation. They do not provide a passing score, but you can view the CCSP-ScoreReport. I found it helpful, once I identified a weak area in terms of knowledge, to create a specific worksheet, putting as much information as needed. You can access those worksheets by clicking HERE. (ISC)2, for those uninitiated with their certification process certainly makes it interesting. Two weeks after taking and “provisionally” passing the exam I received this email. Since I already hold the CISSP certification, rather than have another member “endorse” me, I’m able to “self-endorse” and had done so. However, the review process before I’ll actually hold the CCSP certification may, according to the email, “take up to four (4) to six (6) weeks to complete (unless your application is randomly selected for audit, in which case, it may take longer).” Not exactly sure why this is, but from what I’ve read on Reddit, it looks like I’m about a month and a half away from claiming to possess the CCSP certification.

I’m going to take the rest of July away from exam preparation efforts. Next on the agenda, and part of a project that I’m leading, is obtaining the AWS Cloud Practitioner and Architect-Associate certifications. The project involves providing 10 faculty members with the opportunity to obtain these certifications so they can determine if these vendor-specific certifications are something they want to teach.

I’ve identified the goal of knocking off the Cloud Essentials Beta exam first. A first step was to create my standard worksheet. Not sure, based upon my review of the exam objectives how much studying I’ll get around to doing. The actual exam results won’t be released until November, so no immediate satisfaction (or sadness) after completing the exam. The exam is scheduled for June 4th. It is a bit challenging finding available dates since my PearsonVue location is an adult school and they are not open as often during the summer months.

Next on the list is the A+ Core 1 exam (220-1001). Following my typical process again, the first step was to create my standard worksheet. I scheduled the exam for June 5th. Again, not sure based upon my review of the exam objectives how much studying I’ll get around to doing. With the plan in mind, I figured taking the A+ Core 2 Exam (220-1002) the next day. Unfortunately, that isn’t going to happen. The best I could do was to find a distant testing center and schedule the exam for June 18th. Again, I’ve created a standard worksheet, and once again not sure based upon my review of the exam objectives how much studying I’ll do. But I’m committed to complete these exams by the end of June.

Bottom line is I need to get through these so I can start focusing on my next line of certifications that include:

• (ISC)2 Certified Cloud Security Professional (CCSP)
• AWS Certified Cloud Practitioner
• AWS Certified Solutions Architect – Associate

A specific goal for these three certifications is to have them completed by July 31st. That is a “hard date” for the CCSP, given the current exam will be retired on that date. Attached is my work schedule (in its uncompleted state). I do have some flexibility for the AWS exams, but I want them done before the academic year begins in August.

As the result of a grant funded opportunity, this summer I will be leading the efforts of ten (10) faculty members as they review curriculum associated with the Amazon Web Services (AWS) Practitioner and Architect-Associate certifications. Taking on this lead role, I’ll be evaluating potential learning resources that include an AWS Certified Solutions Architect – Associate 2019 course created by Ryan Kroonenburg and available through Udemy. I have started the course, completing about 10% of the work and find it of amazing quality. Additionally I will be evaluation standard textbooks through this evaluation process and take both certification exams. I want to accomplish this within the next 30 days so I can provide faculty with a TTT syllabus, with the goal of having them start the course after July 1st (start of the grant funding period) and finishing it before the beginning of the fall semester in August. I will continue to post to this blog site, providing feedback as I go through this process.

Steve

On March 28th I will be participating in a “Orange County Cyber Security Business Summit” as a panelist, with the focus of providing attendees with educational resources that focus on improving the current status of local businesses relative to potental challenges associated with data protection and privacy. In an article last month on the Small Business Computing website, the following sobering facts were disclosed:

• Forty-eight percent of SMBs say a major data breach would likely shut their business down permanently, according to the results of a recent AppRiver survey of 1,059 cyber security decision makers at SMBs with fewer than 250 employees.
• In some sectors, that proportion is even higher. 71 percent of financial services and insurance SMBs said a major breach would be fatal to their businesses, and 62 percent of healthcare SMBs and 60 percent of business consulting SMBs said the same.
• Seventy-one percent of SMBs said they’ve experienced at least one attempted cyber-attack within the last quarter, and 64 percent said cyber-attacks are “prevalent” among businesses such as theirs.

In its 2017 State of Cybersecurity Among Small Businesses in North America report, the Better Business Bureau noted, “it is time to focus on comprehensive cybersecurity solutions that are customized for the needs and constraints of smaller businesses.”

We are fortunate in Orange County to have two California community colleges that have obtained the National Security Agency / Department of Homeland Security designation as Centers of Academic Excellence in Cyber Defense (CAE). These colleges are are championing a potential grant funded effort that is designed to place students presently enrolled in the Region’s community college cybersecurity programs in internship positions that will be designed to help businesses achieve a reasonable level of defensive measures designed to provide additional protection from cyber-attacks. Students will help businesses to identify “no cost” or “low cost” resources that will enable businesses improve their resistance to cyber-attacks. As an example, we know that employee cybersecurity awareness training is a key component of a defensive program. “No cost” awareness training is available from the following resources:

• Small Business Big Threat
• Enjoy Safer Technology

Proof of substantive evidence of both a need and a resulting chance of success can be provided by identifying an existing program that mirrors much of what we plan to do. We believe it important to point out what has been accomplished through the efforts of the SBDC operating in the State of Kansas. Examples of specific SBDC activities over the past year have included:

• In partnership with the University of Kansas School of Business, providing small businesses with the opportunity to complete an online Cybersecurity Assessment that will be utilized to assist small businesses in their development of appropriate policies and procedures designed to reduce business risks associated with cyber-attacks.
• In partnership with the University of Kansas (Professional and Continuing Education Division), provide a free online course titled “Cybersecurity for Small Business.”

As we move forward with this effort, periodic updates will be provided on this blog site. If you are interested in hosting an intern, please provide your contact information by clicking HERE.

For additional information please reach out to Steve Linthicum (linthicum_steve@rsccd.edu).